Clario - HackerOne Reports
View on HackerOne37
Total Reports
0
Critical
1
High
10
Medium
26
Low
Reflected XSS (mackeeperapp2.mackeeper.com)
Reported by:
sec0ndw0lf
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $75.00
Reflected XSS
Reported by:
patient_zero
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Reflected
CORS Misconfiguration, could lead to disclosure of sensitive information (translate.kromtech.com)
Reported by:
sec0ndw0lf
|
Disclosed:
Low
Bounty: $50.00
XSS in https://mackeeper.com
Reported by:
kphaks
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $300.00
No rate limiting on password reset page
Reported by:
karna__
|
Disclosed:
Low
Weakness: Business Logic Errors
Bounty: $50.00
CSS Injection on static.mackeeper.com - Potential XSS
Reported by:
m4ll0k
|
Disclosed:
Low
Weakness: Resource Injection
Unauthenticated Reflected Cross-Site Scripting on https://account.mackeeper.com/signin page
Reported by:
patient_zero
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Reflected
Lack of HTTPS in service communications
Reported by:
patient_zero
|
Disclosed:
Medium
Weakness: Cleartext Transmission of Sensitive Information
Google API key leaks and security misconfiguration leads Open Redirect Vulnerability
Reported by:
br33z3
|
Disclosed:
Medium
Weakness: Open Redirect
Bounty: $300.00
Reflected xss
Reported by:
dilawer
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $50.00
open redirect at https://account.mackeeper.com/auth/signin/continue via improper uri sanitization
Reported by:
dilawer
|
Disclosed:
Low
Weakness: Open Redirect
Bounty: $50.00
No rate Limit on Licenses Activation
Reported by:
akash-labade
|
Disclosed:
Medium
Weakness: Business Logic Errors
Bounty: $300.00
Multiple Links Vulnerable to Reflected xss
Reported by:
dilawer
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $50.00
RXSS on thankyou.pixels.php (yapi.mackeeper.com)
Reported by:
sec0ndw0lf
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $75.00
Reflected XSS on stage.mackeeper.com
Reported by:
karna__
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $60.00
RXSS on unsubscribe feature (affiliates.kromtech.com)
Reported by:
sec0ndw0lf
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $75.00
RXSS on landings/land/3/ron_clean_17_app3_alerts/index.php (mackeeperapp3.mackeeper.com)
Reported by:
sec0ndw0lf
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $75.00
CRLF Injection - http://stage.mackeeper.com/
Reported by:
kphaks
|
Disclosed:
Low
Weakness: CRLF Injection
Bounty: $50.00
CRLF Injection - http://stage-static-cdn.mackeeper.com/
Reported by:
kphaks
|
Disclosed:
Low
Weakness: CRLF Injection
Bounty: $50.00
RXSS on /landings/123.1/index.php (mackeeperapp.mackeeper.com)
Reported by:
sec0ndw0lf
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $300.00
Page 1 of 2
Next